VMware Carbon Black App Control Advanced Administrator Course Overview

The VMware Carbon Black App Control Advanced Administrator course is a specialized training designed for IT professionals responsible for managing and securing endpoints with Carbon Black App Control. Throughout the course, participants will delve into the intricacies of Custom rule creation, Optimization, and best practices for maintaining a robust security posture.

Starting with course logistics and objectives, learners will gain familiarity with the platform's capabilities. They will explore Custom rules basics, learning how to write and execute action rules, understand precedence, and work with paths. The training emphasizes best practices, like the rule triad and avoiding rule multiplication, to ensure efficient and effective rule management.

As learners progress, they'll receive a comprehensive overview of Custom rule types and learn Optimizing custom rules by evaluating events. The course also covers creating, editing, and testing Event rules before implementation. Participants will be equipped with Troubleshooting considerations to distinguish between server and agent issues.

Advanced modules dive into Server capabilities and Agent capabilities, providing insights into tools, logs, common issues, and scenarios. This course empowers administrators with the skills to fine-tune their security measures, ensuring that their organization's endpoints are well-protected against threats.